Microsoft Urges Internet Explorer Users to Protect Against Targeted Attacks

Editors note: This is important because if you have not updated to the newest version then odds are you are under attack.  This is not one of those "it probably wont happen to me" type situations... it is more than likely going to happen.  If you have not done so already you really should switch to a different, and in this web-guy's opinion, better browser.  We suggest Google's Chrome Browser as it seems to be the quickest and easiest to use a the moment.  Add to that the integration of the plethora of googles products seamlessly into it and you have a winning combination.  You can see the original article published by  on mashable here

 

On Monday night, Microsoft urged users of Internet Explorer 9 and earlier versions to deploy a toolkit that could help protect against a series of attacks hitting its system.

It was revealed earlier in the day by security forum Rapid7 that Internet Explorer was hit with a new zero-day exploit, which takes advantage of a security hole within websites to carry out attacks. This means that anyone using IE to visit a website that has malicious links could have their computer compromised.

The exploit is said to affect Windows XP, Vista and 7 systems.

“We have received reports of only a small number of targeted attacks and are working to develop a security update to address this issue,” Microsoft said in a company blog.

The company said consumers using IE are protected when using workarounds and mitigations, such as deploying its Enhanced Mitigation Experience Toolkit (EMET). This tookit aims to protect against this issue and should not affect usability of websites.

Microsoft said users should also set their Internet and local intranet security zone settings to “high” to block ActiveX Controls and Active Scripting.

“This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption,” the company said.

It also told users that it is still looking into the issue, and will keep them posted as new information surfaced.

“We are monitoring the threat landscape very closely and if the situation changes, we will post updates here on the MSRC blog and on Twitter at @MSFTSecResponse,” the company said. “We also encourage folks to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders.”

Image courtesy of iStockphotoHenrik5000

Leave a Reply

Your email address will not be published. Required fields are marked *

Blog Categories

Newsletter

Subscribe to our Newsletter

To subscribe to our dandy newsletter simply add your email below. A confirmation email will be sent to you!

Testimonials

Your-Web-Guys carefully listened to our corporation representatives as we discussed every element that we needed to incorporate into a web site. We had used other ...”
Love Story Corporation